YOLOv7
Type
Security review
Client
—
Date
2023-10
Domain
AI/ML
Effort
4 wks
Section
AI/ML Reviews
Trail of Bits's security review of YOLOv7 (Oct 2023) identified 12 issues: 5 high, 2 medium, 4 low, and 1 informational.
Findings · 12
- 1 Multiple uses of subprocess.check_output with shell=True could allow command injection High
- 2 Models are stored and loaded as pickle files throughout the YOLO codebase High
- 3 Parsing of YAML config file can lead to arbitrary code execution High
- 4 Untrusted pre-trained models can lead to arbitrary code execution High
- 5 Multiple uses of os.system could allow command injection High
- 6 Use of unencrypted HTTP protocol Low
- 7 Insecure origin check Low
- 8 The check_dataset function downloads and unzips files from arbitrary URLs Low
- 9 Insufficient input validation in triton inference server could result in uncaught exception at runtime Medium
- 10 Improper use of TorchScript tracing leads to model differentials Medium
- 11 Project lacks adequate testing framework Informational
- 12 Flaw in detect.py will cause runtime exceptions to occur when using a traced model Low
Findings extracted from the published report PDF. See the full report below for details and remediation.
Related
- 2026 How we made Trail of Bits AI-Native (so far) Talk
- 2025 Weaponizing Image Scaling Against Production AI Systems Talk
- 2025 Indirect Prompt Injection: Architectural Testing Approaches for Real World AI/ML Systems Talk
- 2025 From Polyglots to Prompt Injections: Parsing is Still Execution (And Your LLM Didn't Get the Memo) Talk
- 2025 Frontier AI in Cybersecurity: Risks and Opportunities Talk
- 2024 The Present and Future of AI and Security Talk